This time last year, industry observers may have wondered whether regulators were on a mission to eliminate banking-as-a-service. The outlook for 2025, however, appears considerably brighter.
After a flurry of BaaS-related enforcement actions against banks landed in the first few months of 2024, the pace dropped off considerably during the year. That’s partly because banks, fintechs and regulators have become more educated on the BaaS model, which enables fintechs and other nonbank companies to offer banking products by partnering with chartered lenders.
The turnover in presidential administration is also expected to spur a change in regulatory attitudes toward bank-fintech relationships, analysts expect.
Although it’s unclear what the Trump administration will ultimately do, less aggressive policies are likely and “the vibe is a lot less hostile,” said Konrad Alt, co-founder and partner at financial services advisory and investing firm Klaros Group.
Plus, regulators may be running out of BaaS targets for enforcement actions.
The number of banks offering BaaS has hovered around 150 for most of the last couple of years, Alt said during a recent interview. Regulators have issued about 42 formal enforcement actions since 2020, and it’s likely a similar number of informal enforcement actions have been issued. That means there’s just not as many banks left for regulators to take action against, he said.
All of that put together is expected to mean relatively brighter days ahead for the BaaS space, as analysts don’t expect a return to the level of enforcement actions the industry saw one year ago. Regulatory scrutiny won’t disappear, though.
‘A lot of wood to chop’
The most recent regulatory cycle addressed many of the BaaS sector’s weak programs and bad actors through enforcement actions the past two years, said James Stevens, a partner at law firm Troutman Pepper Locke, and that puts BaaS in a position to grow in the coming years.
“Banks that are already in the space and that are not held back by enforcement actions will generally increase their efforts in the space,” Stevens said in an email.
Still, a number of enforcement actions, both formal and informal, are still working their way through the process, according to Alt. Many of the banks engaging in BaaS are small and resource-constrained, meaning it could take some time for them to be freed from such actions.
“Those banks still have a lot of wood to chop even in a more positive environment,” Stevens said.
But most BaaS banks have now been through careful examinations, so the learning curve isn’t what it used to be, and regulators have also issued guidance for sector participants. Enforcement actions will continue, but as more of a “trickle,” Alt said.
BaaS will probably continue to receive a disproportionate level of regulatory scrutiny and enforcement actions, though.
Rulemaking and guidance are impacted by an election’s outcome long before the exam or enforcement actions level, Alt noted. And the ongoing fallout of last year’s Synapse collapse also remains top of mind, meaning regulators will keep their attention on recordkeeping and reconciliation issues.
Stevens also noted state financial regulators may “flex their muscle in areas where they believe there are issues, especially if those state regulators do not believe their concerns are being addressed by their federal peers.”
For his part, the likely next chair of the Federal Deposit Insurance Corp. last week seemed to advocate for a different regulatory outlook on bank-fintech partnerships. Noting enforcement actions the FDIC and other banking agencies have issued, FDIC Vice Chair Travis Hill said a better approach would have been “to lay out our expectations clearly and transparently on the front end,” rather than “go[ing] down the line hammering each bank one by one, forcing the industry to reevaluate its compliance approach after every new order.”
Entrances and exits
“Evolving regulatory expectations” is one reason Five Star Bank in New York gave for exiting the BaaS space. Other banks, too, have fled the BaaS business.
Exits are expected to continue. “There are a lot of banks out there that are learning the hard way that managing the risks appropriately in this space is expensive, and it requires expertise that they don't necessarily have,” Alt said. There’s a low barrier to entry, and the small banks that get into BaaS, often doing so in an effort to make more money, may not be prepared for the risks associated with it.
However, the changing tides for BaaS have a number of banks considering jumping in. New banks will enter the space this year and in the years ahead, including de novos and traditional banks that experience a change in control, Stevens expects.
“My sense is there are at least as many banks getting into it as getting out,” Alt said.
